Bug 1068880

Summary: security/virt-aa-helper.c - Unable to handle unix sockets
Product: [Community] Virtualization Tools Reporter: Tony <tatkinson>
Component: libvirtAssignee: Libvirt Maintainers <libvirt-maint>
Status: CLOSED CURRENTRELEASE QA Contact:
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: unspecifiedCC: crobinso, rbalakri
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2016-03-21 22:33:44 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
Add ability to handle unix sockets none

Description Tony 2014-02-22 20:46:17 UTC 
Created attachment 866472 [details]
Add ability to handle unix sockets

Description of problem:

Originally raised downstream in the Ubuntu distribution
https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1015154

Attempting to create socket connection between VM host and a pre-existing guest.
Following this guide
http://wiki.libvirt.org/page/Qemu_guest_agent

New channel defined in VM

<channel type='unix'>
   <source mode='bind' path='/var/lib/libvirt/qemu/app-dev-tony.agent'/>
   <target type='virtio' name='org.qemu.guest_agent.0'/>
</channel>

When starting VM, get the following

error: Failed to start domain app-dev-tony
error: internal error Process exited while reading console log output: char device redirected to /dev/pts/3
bind(unix:/var/lib/libvirt/qemu/app-dev-tony.agent): Permission denied
chardev: opening backend "socket" failed: Permission denied

I've had a quick look at the source for virt-aa-helper, and attach (what I think is) a patch for the issue.
But I am in no way a C developer...
Comment 1 Cole Robinson 2016-03-21 22:33:44 UTC 
Sorry this never received a response... a similar patch was eventually applied upstream:

commit 56ba2f99a587f9582ca960165ad67eea18075bb2
Author: Serge Hallyn <serge.hallyn>
Date:   Fri Jul 3 19:01:34 2015 +0000

    virt-aa-helper: add unix channels for nserials as well